Tenant Onboarding. Tenant Onboarding Overview. Tenant Onboarding with Virtual Data Centers

Similar documents
Managing Virtual Data Centers

Application Provisioning

Managing VMware vcenter Site Recovery Manager

Creating Application Containers

Creating Application Containers

UCS Director: Tenant Onboarding Cisco ACI & Microsoft HyperV. Dec. 2016

Overview of the Self-Service Portal

Multiple Disk VM Provisioning

Cisco UCS Director and ACI Advanced Deployment Lab

Preparing Virtual Machines for Cisco APIC-EM

Preparing Virtual Machines for Cisco APIC-EM

Multiple Disk VM Provisioning

Managing System Administration Settings

Cisco HyperFlex Systems

Managing System Administration Settings

Managing VMware Datastore Clusters

Cisco UCS Director Tech Module Cisco Application Centric Infrastructure (ACI)

Quick Start Guide (SDN)

Taming the Multi-Cloud With Simplicity and Openness. Minh Dang Cisco Systems Vietnam 2018 January

Cisco UCS Director Red Hat Enterprise KVM Management Guide, Release 6.0

VCAP5-DCD. Vmware. VMware Certified Advanced Professional 5 - Data Center Design

Configuring APIC Accounts

Quick Start Guide (SDN)

Cisco Virtual Application Container Services 2.0 Lab v1

VMware vcloud Director Evaluator s Guide TECHNICAL WHITE PAPER

Cisco ACI Simulator VM Installation Guide

Cisco ACI Virtual Machine Networking

IaaS Integration for Multi- Machine Services. vrealize Automation 6.2

Introducing Cisco Cloud Administration CLDADM v1.0; 5 Days; Instructor-led

Cisco ACI Virtual Machine Networking

Securing Containers Using a PNSC and a Cisco VSG

Automation of Application Centric Infrastructure (ACI) with Cisco UCS Director

IaaS Integration for Multi-Machine Services

Managing ReadyClones

Introducing VMware Validated Design Use Cases. Modified on 21 DEC 2017 VMware Validated Design 4.1

Managing System Administration Settings

VMware vcloud Director for Service Providers

Configuring Layer 4 to Layer 7 Resource Pools

Cisco UCS Director Tech Module EMC XtremIO

Cisco UCS Director Tech Module IBM Storage Arrays. June 2016

EZ Cloud Reference Material EZ Cloud Type 1: Release 1 Use Cases

Managing the VM Lifecycle

Data Center and Cloud Automation

Administering VMware vsphere and vcenter 5

Virtual Machine Manager Domains

Microsegmentation with Cisco ACI

Cisco CloudCenter Solution with Cisco ACI: Common Use Cases

Version 1.26 Installation Guide for SaaS Uila Deployment

Networking Domains. Physical domain profiles (physdomp) are typically used for bare metal server attachment and management access.

Cisco Intelligent Automation for Cloud Release Notes

Design Guide for Cisco ACI with Avi Vantage

Securing Containers Using a PNSC and a Cisco VSG

Storage Considerations for VMware vcloud Director. VMware vcloud Director Version 1.0

Version 1.26 Installation Guide for On-Premise Uila Deployment

VMware vfabric Data Director Installation Guide

EMC Isilon. Cisco UCS Director Support for EMC Isilon

Configuring EMC Isilon

Cisco Mini ACI Fabric and Virtual APICs

Active System Manager Version 8.0 User s Guide

Cisco UCS Director Administration Guide, Release 6.5

Manage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution

Introducing VMware Validated Design Use Cases

Cisco ACI Virtual Machine Networking

VMware - VMware vsphere: Install, Configure, Manage [V6.7]

Cisco ACI with Cisco AVS

DEPLOYING A VMWARE VCLOUD DIRECTOR INFRASTRUCTURE-AS-A-SERVICE (IAAS) SOLUTION WITH VMWARE CLOUD FOUNDATION : ARCHITECTURAL GUIDELINES

VMware vfabric Data Director Installation Guide

DELL EMC VSCALE FABRIC

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

Managing VMware Distributed Resource Scheduler

Setting Up Cisco Prime LMS for High Availability, Live Migration, and Storage VMotion Using VMware

Configuring Global Service Profiles

Service Graph Design with Cisco Application Centric Infrastructure

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)

Configuring Cisco UCS Server Pools and Policies

VMware vsphere with ESX 6 and vcenter 6

VMware vfabric Data Director 2.5 EVALUATION GUIDE

Orchestration Workflow Tasks for PXE Boot

Reference Architecture for Dell VIS Self-Service Creator and VMware vsphere 4

Cisco UCS Director Management Guide for Microsoft System Center Virtual Machine Manager, Release 6.5

vcloud Director Administrator's Guide vcloud Director 9.0

Developing a Hyper- Converged Storage Strategy for VMware vcloud Director with VMware vsan

VMware vcloud Air User's Guide

Cisco Solution for Private Cloud

Virtual Network Functions Life Cycle Management

GV STRATUS Virtualized Systems. Alex Lakey November 2016

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Designs for Software-Defined Data Center

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder

NEXGEN N5 PERFORMANCE IN A VIRTUALIZED ENVIRONMENT

Virtual Network Functions Life Cycle Management

Data center requirements

WHITE PAPER SEPTEMBER 2017 VCLOUD DIRECTOR 9.0. What s New

Installing the Cisco IOS XRv 9000 Router in VMware ESXi Environments

VVD for Cloud Providers: Scale and Performance Guidelines. October 2018

VMware vrealize Operations Management Pack for vcloud Director 4.5 Guide

Introducing VMware Validated Designs for Software-Defined Data Center

believe in more SDN for Datacenter A Simple Approach

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine

Latest IT Exam Questions & Answers

Transcription:

Overview, page 1 with Virtual Data Centers, page 1 with Resource Groups, page 5 Overview In Cisco UCS Director, tenants enable you to securely control and allocate the virtual and physical infrastructure of your data center to the different user groups, organizations, and customers. Your IT teams no longer need to manually provision infrastructure for users to deploy virtual machines (VMs) to run end user applications. Instead, you can configure tenant onboarding through Cisco UCS Director to define the infrastructure boundaries and resource limits that are applied automatically when a user makes a service request to provision a VM or an application. Depending upon the infrastructure in your data center, you can use one of the following configurations for tenant onboarding: Resource groups for systems that include an integration with Cisco Application Centric Infrastructure (Cisco ACI) and Cisco Application Policy Infrastructure Controller (Cisco APIC) Virtual data centers for systems that does not include Cisco ACI or Cisco APIC Cisco UCS Director tenants are essentially customers that share the compute, network, and storage resources that is configured for ACI in Cisco UCS Director. with Virtual Data Centers Virtual data centers (vdcs) in Cisco UCS Director enable you to securely create and onboard tenants that represent user groups or customer organizations. For each tenant, the vdcs define the boundaries of the infrastructure that your user groups or customer organizations can access and use. You can also use vdcs to control the VMs and infrastructure resources that user groups can view in the Self-Service Portal. When users log in to request or manage VMs, those users can only see the vdcs assigned to their user group and the VMs that have been provisioned from those vdcs. The users cannot see the VMs or vdcs assigned to other user groups or customer organizations. 1

Virtual Data Centers You can assign more than one vdc to a user group. This configuration enables you to set different approvers and/or different resources for VMs, based upon the type of application that the end user requests. If you assign multiple vdcs to a user group or customer organization, you can allow your users to choose the vdc where the VM should be created. You cannot configure tenant onboarding with vdcs if your system includes an integration between Cisco UCS Director and Cisco Application Policy Infrastructure Controller (APIC). For more information about tenant onboarding with vdcs, see the Cisco UCS Director Administration Guide. Virtual Data Centers A Virtual Data Center (vdc) is a logical grouping that combines virtual resources, operational details, rules, and policies to manage specific group requirements. A group or organization can manage multiple vdcs. images, templates, and policies. Organizations can allocate quotas and assign resource limits for individual groups at the vdc level. You can also define approvers specific to a vdc. The approvers assigned to a particular vdc must approve all service requests from users for VM provisioning. There is a default vdc in Cisco UCS Director and all discovered VMs are part of this default vdc. Discovered VMs are VMs that are created outside of Cisco UCS Director or were already created on VMware vcenter before Cisco UCS Director was installed. Cisco UCS Director automatically discovers such VMs and adds them to the default vdc. A VM that is provisioned using a service request can be associated with a specific vdc. When you create a service request, you can choose the vdc on which this VM is provisioned. You can view a list of the vdcs that are available for a particular group and choose the required vdc when provisioning VMs. Policies for Virtual Data Centers You specify the infrastructure allocations in a vdc through a set of policies and configuration options. Each policy defines a subset of resources that the associated user group or customer organization can use and view. These policies include the following: System policy System specific information, including which template to use, time zone, and OS specific information. Computing policy Available compute resources, including the host or cluster, number of vcpus, CPU configuration, and memory configuration. Network policy Available network resources, including IP address configuration (DHCP or static IP address) and the option for the end user to choose vnics for any VM. Storage policy Available storage resources, including the datastore scope, type of storage to use, minimum conditions for capacity, and latency. Approvers Names and contact email addresses of the required approvers for VMs provisioned from the vdc resources. By default, you can configure a maximum of two approvers per vdc 2

Policies for Virtual Data Centers Cost model Cost and chargeback policy for all VMs provisioned from the vdc resources. ISO image mapping policy ISO images available for VMs provisioned from the vdc resources. End user self-service policy Actions or tasks that a user can perform on VMs provisioned from the vdc resources. Computing Policies Computing policies determine the compute resources that can be used during provisioning that satisfy group or workload requirements. As an administrator, you can define advanced policies by mixing and matching various conditions in the computing policy. We recommend that you thoroughly understand all the fields in the computing policy because some combinations of conditions can result in no host machines being available during self-service provisioning. Network Policies The network policy includes resources such as network settings, DHCP or static IP, and the option to add multiple vnics for VMs provisioned using this policy. Storage Policies A storage policy defines resources such as the datastore scope, type of storage to use, minimum conditions for capacity, latency, and so on. The storage policy also provides options to configure additional disk policies for multiple disks and to provide datastore choices for use during a service request creation. Cisco UCS Director supports datastore choice during a service request creation for VM provisioning. You have the option to enable or disable datastore choices for the end user during service request creation. The datastores listed depend upon the scope conditions specified in the storage policy that is associated with the vdc during the service request creation. To use the datastore selection feature while creating a service request, the template used for VM provisioning must have the disk type assigned as System. This is applicable for templates with single or multiple disks. End User Self-Service Policy An End User Self-Service Policy controls the actions or tasks that a user can perform on a vdc. The starting point for creating this policy is to specify an Account Type, for example VMware. After you specify an account type, you can continue with creating the policy. After you create the policy, you must assign the policy to a vdc that is created with the same account type. For example, if you have created an end user policy for 3

Resource Limits VMware, then you can specify this policy when you create a VMware vdc. You cannot view or assign policies that have been created for other account types. In addition to creating an end user self-service policy, Cisco UCS Director allows you to perform the following tasks: View Displays a summary of the policy. Edit Opens the End User Policy dialog box from which you can modify the description or the end user self service options. Clone Opens the End User Policy dialog box through which you can create another policy with options specified in another policy. Delete Deletes the policy from the system. However, no vdc must be assigned with this policy. Important The tasks that a user can perform on a vdc is now defined by the role that the user is mapped to and the end user self service policy that is assigned to the vdc. If you have upgraded to the current release, then the permissions to perform VM management tasks is retained in the end user self service policy that has been previously created. However, the permissions defined in the user role that the user belongs to takes precedence. Resource Limits If you want to ensure that a user group or customer organization does not exceed specific compute, network, or storage resource thresholds, you can add resource limits to the user group that apply across all vdcs assigned to that group. If you use resource limits, even if one or more vdcs assigned to the user group have resources available, Cisco UCS Director will reject service requests that exceed the resource limits. For example, if you have a data center that includes the following resources: ESXi cluster with 10 hosts Compute resources that total 1,000 GHz Network resources with all the required network portgroups, IP subnets, and VLANs Storage resources of 100 datastores User groups for Finance, Sales, and Development Resource limits for the Finance user group of 300GHz compute and 20 datastores. Three vdcs assigned to the Finance user group, each with 100 GHz compute and 10 datastores With this configuration, users in the Finance group can log into the Self-Service Portal and view their available resource limits, the vdcs that are associated with their user group, and other information about their available resources, and deployed applications. If they have deployed applications across all 20 datastores in their resource limits, they cannot make any further service requests without first requesting an additional resource allocation. 4

with Resource Groups As you can see from the following illustration, the combination of user groups, vdcs, policies, and resource limits determine the boundaries of the compute, network, and storage infrastructure that is available to each of the Finance and Sales organizations for application provisioning. Figure 1: Example: Resource Limits for Finance and Sales Organizations with Resource Groups Resource groups enable you to securely onboard resources for tenants that represent user groups and customer organizations. Each resource group is a pool of physical and/or virtual resources with specific capacities and capabilities. Based on the specific resource requirements, resources are assigned to a tenant (user groups or organizations) from this pool. You can share resources in a resource group across tenants or you can dedicate them to a specific tenant. When you onboard a tenant through a resource group, you need to do the following: 1 Create one or more resource tags, if desired. 2 If you created resource tags, tag the physical and virtual resources that you want to make available to the tenant. If you did not create resource tags, you can allocate resources to a tenant based on the required capacity and capability. 3 Create a resource group. 4 Add infrastructure resources (devices) to the resource group, either manually or through associating resource tags with the group. You can add physical infrastructure resources, virtual infrastructure resources, or a combination of physical and virtual infrastructure resources to the group. 5 Define the environment specific inputs for each type of infrastructure resource associated with the resource group. These inputs can include domain and other information required to identify and assign the resources. 6 Create one or more service offerings to describe the requirements of a particular application that a user can provision. 5

Resource Tags 7 Create one or more service classes within that service offering to define the requirements for a particular type of infrastructure resource required for the service offering. If you use resource tags, you can associate a service class with a particular resource tag. 8 Define a tenant profile to associate one or more service offerings with the resource group. 9 Develop the orchestration workflow required to deliver the service offering to the user as part of a service request. Figure 2: with Resource Groups Process Flow Resource groups support tenant onboarding only for systems that include Cisco Application Centric Infrastructure (ACI) and Cisco Application Policy Infrastructure Controller (APIC). For more information about tenant onboarding with resource groups, including specific examples, see the Cisco UCS Director APIC Management Guide. Resource Tags Resource tags are an optional component that allow you to assign a label to a physical or virtual infrastructure resource or to a category of infrastructure resources. Each resource tag is a name-value pair that identifies the resource or category of resources in a way that is meaningful to your data center. When you tag an object, you can also define applicability rules that determine how the tags are filtered and displayed. You can also organize your resource tags into tag libraries, which allow you to determine how you want to categorize the resources that have that tag applied. For example, you can create one or more tag libraries based on the following criteria: Resource type 6

Resource Groups Capacity Quality Capability You can use resource tags to identify specific resources that should be used by a tenant or to identify resources that are appropriate for a specific tier of service. For example, you can create a tag with a name of tier and a value of gold. The resources that you associate this tag are then identified as appropriate for the gold tier of service, whether they are compute, storage, or network infrastructure devices. Once you have tagged a set of resources, you can associate those resources with resource groups. The resource tags enable you to easily identify how the infrastructure resources should be grouped. They also define the boundaries of the infrastructure resources that are available to a particular resource group. Resource Groups You can use a resource group to select the appropriate resources for a tenant based on the requirements of an application. Additional concepts, such as a service offering, tenant profile, application profile, and resource group, are all required. Using these resource group concepts, you can onboard tenants and deploy applications based on a dynamic selection of resources. You can share resources in a resource group across tenants or you can dedicate them to a specific tenant. A resource group is a pool of resources. Each group can contain physical infrastructure resources, virtual infrastructure resources, or a combination of physical and virtual infrastructure resources. Resource groups enable you to onboard tenants into Cisco UCS Director with less manual intervention. As an infrastructure administrator or system administrator, you can add physical or virtual accounts to a resource group one at a time. Also, you can assign a pod to a resource group where all the accounts in the pod are added to the resource group. When an account is added to a resource group, the resource group by default announces all the capabilities and capacities for objects for that account as resource group entity capacities and capabilities. With Cisco UCS Director, you can selectively disable certain capacities or capabilities from the resource group. Service Offerings A service offering defines the resources required to provision an application. Each service offering must include one or more service classes that represents the capacity and capability needed for the following resource layers: Virtual Compute Virtual Storage Virtual Network Physical Compute Physical Storage Physical Network Layer 4 to Layer 7 Services When you define a service offering, you can specify the usage of resource groups as one of the following: 7

Tenant Profiles Shared The resources are shared among the applications or tenants. Dedicated The resources are dedicated to a single application or tenant. Based on the capacity, capability, and resource tags defined in the service offering, the resource groups are filtered and the matching resource groups are selected for further processing in the tenant onboarding and application deployment. Tenant Profiles Tenant profiles represent the pairing of one or more service offerings to one or more resource groups. Each tenant profile defines the characteristic of infrastructure requirements and application requirements. You can create a tenant profile to meet each possible combination of customer and application. You can associate a tenant profile with multiple service offerings and choose a resource group for each service offering. A tenant profile can be shared by more than one tenant. 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback